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Abstract 

This document is one of three. It describes the Operational Concept (OpsCon) for a generic space exploration com- 
munication architecture. The purpose of this particular document is to identify communication flows and data types. 
Two other documents accompany this document, a security policy profile and a communication architecture docu- 
ment. The operational concepts should be read first followed by the security policy profile and then the architecture 
document. 

The overall goal is to design a generic space exploration communication network architecture that is affordable, 
deployable, maintainable, securable, evolvable, reliable, and adaptable. The architecture should also require limited 
reconfiguration throughout system development and deployment. System deployment includes: subsystem develop- 
ment in a factory setting, system integration in a laboratory setting, launch preparation, launch, and deployment and 
operation in space. 
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1. Goals 

This document was produced as part of an effort to create a Generic Space Exploration Communication Network 
Architecture. The overall goal of this effort is to design a communication network for manned space exportation that is: 
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1) Affordable, 2) Deployable, 3) Maintainable, 4) Securable, 5) Evolvable, and 6) Reliable (Robust). Failure to meet 
items 3 and beyond will result in a system with significant hidden costs that only materialize after full deployment. 

A secondary goal is to design the network such that it requires limited reconfiguration throughout system develop- 
ment and deployment. System deployment includes: subsystem development in a factory setting, system integration 
in a laboratory setting, launch preparation, launch, and deployment and operation in space - cradle-to-grave (end-of- 
mission). 


2. Introduction 

This document is one of three. It describes the concepts of operation for a generic space exploration communi- 
cation architecture. The purpose of this particular document is to articulate the problem space and identify commu- 
nication flows and data types. Two other documents accompany this document, a security policy profile [1] and a 
communication architecture document. The operational concepts should be read first followed by the security policy 
profile and then the architecture document. One intent of these three documents is to provide sufficient detail to enable 
development of query able System Modeling Language (SysML) models. 

This document defines the Operational Concept (OpsCon) for a generic space communication network for human 
space exploration beyond low Earth orbit. The document also applies to robotics space exploration, since robotic 
space exploration is considered a subset of human space exploration. Operational Concepts identify key capabilities 
and assumptions. They are used to define necessary functionality and performance expectations used to formulate 
requirements. For our purposes, OpsCon needs to be at sufficient detail to identify communications flows, data types, 
quality-of- service requirements and security requirements. The document also includes a generic Design Reference 
Mission (DRM). This document is patterned after NASA’s Constellation Design Reference Missions and Operational 
Concepts Document [2] but tailored for communications network design. 


3. Terminology 

In order to ensure understanding, a common vocabulary must be established. The following sections attempt to 
define a common vocabulary relative to communication networking and data security. 

Data vs. Information In this document, when discussing communication network security, we mean securing data 
and networks not securing information. Why? Because information is all encompassing and securing informa- 
tion quickly becomes an unbounded problem. Thus, it is important to understand the difference between data 
and information. Data is information in its purest form. Information can be more than just data. 

Information is knowledge gained through study, communication, research, instruction, etcetera. Information 
can also be factual data. Information is unbounded because information can be inferred. Information can 
be inferred from voice inflections or body language. If data is encrypted, one might infer that that particular 
data is of more importance to someone than unencrypted data. Using data-mining one can combine 
collections of data to enable one to infer information. Examples include inferring medical conditions from 
prescription data or that a military action may be taking place from a sudden increase in pizza deliveries 
to the pentagon. 

Data is factual (not inferred ) information used as a basis for reasoning, discussion, or calculation. When con- 
sidering network communications, data is information in numerical form that can be digitally transmitted 
or processed. 

Phases of Mission For the purpose of common terminology the aviation community 1 developed a common termi- 
nology for various phases of flight [3]. The list of phases provides guidance for classification of when (what 
phase in flight) an aviation occurrence has happened and aids in reporting. These phases include: 1) Standing, 


'The International Civil Aviation Organization (ICAO) and the Commercial Aviation Safety Team (CAST), which includes Government officials 
and aviation industry leaders, jointly chartered the CAST/ICAO Common Taxonomy Team (CICTT) with developing common taxonomies and 
definitions for aviation accident and incident reporting systems. 
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2) Pushback, 3) Taxi, 4) Take Off, 5) Initial Climb, 6) En Route, 7) Maneuvering, 8) Approach, 9) Landing, 
10) Emergency Descent, 11) Uncontrolled Descent, 12) Post Impact, and 13) Unknown. The FAA also defined 
terms for phases of flight [4]. These include: 1) Preflight, 2) Terminal, 3) En Route, and 4) Oceanic. The 
following is an attempt to develop similar terminology for the Space community relative to communications 
requirements at various stages of a mission. As the goal of the communication architecture is cradle-to-grave 
(end-of-mission), we use the term “mission phase” instead of “phases of flight”. Each of these mission phases 
has different communication requirements, data flows and, in particular, different communication link capabili- 
ties. 

Subsystem and System Integration is the phase of the mission were systems and subsystems are being de- 
veloped at the factory and/or being brought together at a facility for integration and testing. Since there 
is a desire to have limited reconfiguration from cradle-to-grave it is imperative to not ignore this phase of 
development. 

Prelaunch is when the payload has been integrated with the launch vehicle and the combined system is on the 
launchpad. 

Launch is the point at which the vehicle leaves the ground and is transitioning to its final destination. By final 
destination we mean the stage at which the payload is deployed, any antenna systems are deployed, and it 
has reached a stable flight dynamic. In order to combine payload systems into a larger entity prior to En 
Route operations in many cases the initial “destination” may be a Low-Earth Orbit (LEO). 

LEO Rendezvous may be the final destination. Or, it may be a staging area were large subsystems are com- 
bined into a major system prior to En Route operations. 

En Route is the phase of the mission were the system has been stabilized and is on its way to its final destination 
or returning from its final destination. 

Destination Rendezvous is the staging area around a planet or asteroid or some other entity prior to descent 
and surface operations. Destination rendezvous may be the final destination as in the case, for example, 
of a Mars relay satellite. 

Planetary Descent is the phrase from orbit around an entity to landing on that entity. 

Surface Operations is the phase of the mission where surface operations occur. For example, for a Mars 
exploration rover, this is the phase where the rover is being operated and science missions are being 
accomplished. 

Planetary Departure Is the point at which the vehicle leaves the planet and reaches a stable flight dynamics. 

Earth Reentry is the period from when the space vehicle enters into the Earth’s atmosphere through touch- 
down (or splashdown). 

Region When discussing communications and networking, distance matters. Distance correlates to propagation de- 
lays (time) as the speed of light is finite. Distance also correlates to bandwidth as received radiated power is 
inversely proportional to the square of the distance. Thus, when discussing networking, communication links 
and protocols, it is important that we identify the ’’Region” for which the analysis is taking place. For a generic 
space exploration communication architecture, we arbitrarily and purposefully define three regions: 

Local is anything internal to a structure, or within a few hundred meters of a structure. Thus time delay is 
insignificant and bandwidth is fairly large (10s of Mbps or more). 

Neighborhood is anything beyond “local” and within a 500 msec Round Trip Time (RTT) 2 . In general, Neigh- 
borhood will likely be between a surface system and something orbiting that planetary body. General, 
unmodified Internet protocols are likely to work reasonable well at these minimal propagation delays. 


2 500 msec RTT corresponds to a satellite in a circular geosynchronous orbit in the plane of the Earth’s equator with a radius of approximately 
42,164 km (26,199 mi) measured from the center of the Earth (a.k.a Geostationary Orbit (GEO). 


NASA/TM— 201 5-2 1 8823 


4 


Afar is communication between entities that are great distances apart. Afar would be interplanetary com- 
munications or even lunar-earth distances. Internet Protocol (IP) packets can be used at these distances 
and some Internet Protocols can work at these distances. However, care must be taken to ensure proper 
operation given the long propagation delays. 

Telemetry - System and subsystem configuration and/or health and status data. The word is derived from Greek 
roots: tele = remote, and metron = measure. 

4. Data 

When designing a communication network one needs to understand what type of data is flowing through the 
network and what the characteristics of that data are. Data becomes quite complicated as will be shown in the 
following subsections on data. There are many types of data. There are multiple characteristics regarding security as 
well as multiple characteristics regarding Quality-of-Service (QOS). After analysis of the various data we designated 
there to be five types of data, three types of security sensitivity levels, three types of security objectives and three levels 
of impact relative to security. In addition, when considering quality of service, we identified three priority levels and 
six service sensitivity levels. From this we conclude there are 2430 combinations of data classification. Take notice: 
it is really more complicated than that because each piece of data gets classified relative to the application that is 
creating that data. Thus we need to find a way to distill this down. Perhaps looking at communication system from 
the applications running on various elements rather than the data may prove to be a better approach in the end. 

4.1. Data Sources 

Data comes from many sources. Understanding those sources helps with understanding what the service require- 
ments of that data may be. Sources include: 

• Human-to-human communications 

• Health and status monitoring sensors 

• Video cameras 

• Still image cameras 

4.2. Data Types 

There are numerous data types corresponding to different applications and having a variety of QOS requirements. 
The following data types correspond to the vast majority of the applications applicable to space communication 
network architecture: voice, video, telemetry, command- and-control and files. Voice and video can be interactive or 
stored in files and transmitted as data for later use. Telemetry includes system health status and system configurations 
as well as human health status. Telemetry is generally non-interactive. Caution-and-warning data, by our definition, 
is telemetry data; however, caution-and-warning data may be interactive and may be part of machine-to-machine 
communications. Telemetry is generally low- volume, low-rate data from monitoring sensors. Science data from 
science payloads and science sensors is generally high- volume, high-rate data. Examples of such data include radar 
and hyperspectral imagery. Data may also exist as files. Such data may include manuals, personal medical data, 
documents, maps, entertainment, etc. Command-and-control data may be generated locally or originate from one 
of the operation centers. Furthermore, command-and-control data may be for closed loop control or non-real-time 
control - sent over long propagation delays and/or via store and forward mechanisms. 

4.3. Data Classification 

Data can and should be classified over a number of criteria such as sensitivity level [5], security requirements [6] 
and QOS where QOS includes priority, time sensitivity and reliability. 


• Science payloads and sensors which produce 
large reams of data 

• Mission control and science operations control 

• Machine-to-machine communications for appli- 
cations such as routing protocols, close-loop con- 
trol systems, and caution-and-warning. 
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4.3.1. Sensitivity Level 

Data classification, in the context of information security, is the classification of data based on its level of sensitivity 
and the impact to the organization should that data be disclosed, altered or destroyed without authorization. The 
classification of data helps determine what baseline security controls are appropriate for safeguarding that data. 

All institutional data should be classified into one of three sensitivity levels, or classifications: 

Restricted Data Data should be classified as Restricted when the unauthorized disclosure, alteration or destruction 
of that data could cause a significant level of risk to the organization or its affiliates. The highest level of security 
controls should be applied to Restricted data. 

Private Data Data should be classified as Private when the unauthorized disclosure, alteration or destruction of that 
data could result in a moderate level of risk to the organization or its affiliates. A reasonable level of security 
controls should be applied to Private data. 

Public Data Data should be classified as Public when the unauthorized disclosure, alteration or destruction of that 
data would results in little or no risk to the organization and its affiliates. While little or no controls are required 
to protect the confidentiality of Public data, some level of control may be required to prevent unauthorized 
modification or destruction of Public data. 

4.3.2. Security Objective 

Within the US Government, the Federal Information Security Management Act (FISMA) defines three security 
objectives for information and information systems and their potential impact on Organizations and Individuals. The 
following is summarized from FIPS Publication 199, ’’Standards for Security Categorization of Federal Information 
and Information Systems:” 

Confidentiality is preserving authorized restrictions on information access and disclosure, including means for pro- 
tecting personal privacy and proprietary information. A loss of confidentiality is the unauthorized disclosure of 
information. Confidentiality is extremely important for data such as personal medical data due to the Health 
Insurance Portability and Accountability Act (HIPAA)[7].’[8] 

Integrity is guarding against improper information modification or destruction, and includes ensuring information 
non-repudiation and authenticity. A loss of integrity is the unauthorized modification or destruction of infor- 
mation. Integrity is extremely important for data such as command- and-control messages, scientific data, and 
telemetry used for operational decision making. 

Availability is ensuring timely and reliable access to and use of information. Relative to this Operational Concept 
(OpsCon), availability will not be addressed. Relative to security, availability has more to do with Denial of 
Service (DOS). Another area that affects availability is system reliability. 

Relative to space exploration network architecture, we will assume data availability is a non-issue by design. We are 
more concerned with confidentiality and integrity. 

4.3.3. Potential Impact 

Low The loss of confidentiality, integrity, or availability could be expected to have a limited or no adverse effect on 
organizational operations, organizational assets, or individuals. 

Moderate The loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect 
on organizational operations, organizational assets, or individuals such as causing a significant degradation in 
mission capability to an extent and duration that the organization is able to perform its primary functions, but 
the effectiveness of the functions is significantly reduced. 

High The loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse 
effect on organizational operations, organizational assets, or individuals including causing a severe degradation 
in or loss of mission capability to an extent and duration that the organization is not able to perform one or 
more of its primary functions or resulting in severe or catastrophic harm to individuals involving loss of fife or 
serious fife threatening injuries. 
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4.3.4. Security Category 

The generalized format for expressing the security category, SC, of an information type is: SC information type 
= {(confidentiality - C, impact), (integrity - 1 , impact), (availability - A, impact)}, where the acceptable values for 
potential impact are LOW (L), MODERATE (M), HIGH (H), or NOT APPLICABLE (NA). 

4.3.5. Quality -of- Service (QOS) 

The two general QOS categories are priority and service sensitivity. 

Priority is a queue management mechanism. An element with high priority is served before an element with low 
priority. If two elements have the same priority, they are served according to their order in the queue. 

Service Sensitivity is a characteristic of the application. An application often has multiple sensitivity characteristics. 
For example applications that require Real-Time Interaction include: interactive gaming applications that use 
Real-Time Protocol (RTP)/UDP streams for game control commands, and video conferencing applications that 
do not have the ability to change encoding rates, require low jitter and loss and very low delay. 

Relative to a Space Exploration Communication Network we shall categorize Quality-of-Service (QOS) based 
on data (i.e., digitized information). Data can be stored for long periods of time prior to forwarding and portions 
of the network may have long periods of discontinuity. The difference here from, for example, the Internet, is that 
applications running over the Internet generally assume a connected network and minimal delay 3 In the Internet, each 
router manages internal packet queues and associated QOS based on the packet priority field, the Type of Service 
(TOS) field in IPv4 and Traffic Class field in IPv6. 

The initial IPv4 priority mapped to the 1970 US military National Communications System (NCS) Voice Prece- 
dence System and used three bits to indicate the following: [10] 

1 1 1 - Network Control 
110 - Internetwork Control 

101 - CRITIC/ECP (Critical and Emergency Call Processing) 

100 - Flash Override (President, Secretary of Defense, Joint Chief of Staff) 

Oil - Flash (Information essential to national survival) 

010 - Immediate (Pertaining to situations that gravely affect the security of national and Allied forces) 

001 - Priority (Reserved for communications requiring expeditious action.) 

000 - Routine 

In the circuit switched voice systems of the 1970s, high precedence levels preempted lower level communications 
whereas in the Internet, higher priority packets get preferential treatment, but lower priority packets may still get 
transmitted if network resources are available. 

In today’s Internet, Differentiated Services (DiffServ), 6 bits in the TOS or Traffic Class field are used to specify 
a simple, scalable mechanism for classifying and managing network traffic and providing quality of service QOS. 
DiffServ is used to provide low-latency to critical network traffic such as voice or streaming media while providing 
best-effort service to non-critical services such as web traffic or file transfers. 

Request for Comment (RFC) 4594, ’’Configuration Guidelines for DiffServ Service Classes[ll]” provides a very 
good categorization of Service Classes. The Service Classes are divided into two groupings, network control and 
user/subscriber traffic. To provide service differentiation, different service classes are defined in each grouping. The 
network control traffic group is further divided into two service classes: ’’Network Control” for routing and net- 
work control function and ”OAM” (Operations, Administration, and Management) for network configuration and 
management functions. The user/subscriber traffic group is broken down into ten service classes to provide service 
differentiation for all the different types of applications/services. Many of these service types are directly applicable 
to our Space Exploration Communication Network Architecture. 


3 This is not to imply the Internet Protocols cannot be used in Space Networks, just that for our space network architecture QOS has some 
additional parameters to consider. In fact, Internet Protocols have been demonstrated to work quite well in space networks [9]. 
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The Telecommunication Standardization Sector of the International Telecommunications Union (ITU) has a docu- 
ment, ITU-T G.1010, “Series G: Transmission Systems and Media, Digital Systems and Networks: Quality of service 
and performance [12],” that defines a model for multimedia Quality of Service (QoS) categories from an end-user 
viewpoint. By considering user expectations for a range of multimedia applications, eight distinct categories are 
identified, based on tolerance to information loss and delay. Key parameters that impact the user are: Delay, Delay 
Variation (a.k.a. jitter), and Information loss. Three major applications are identified: Audio, Video and Data. Similar 
to RFC 4594, each application area is further divided into service classes. Audio includes: Conversational Voice, 
Voice Messaging and Streaming Audio. Video includes Videophone or video for real-time operational visibility to 
support operational decisions (interactive) and one-way video (non-interactive) such as video messages or documen- 
tary or science video with high definition and integrity. Data includes: interactive applications like Web browsing, 
gaming and E-commerce, Bulk Data, Command- and-control, and Instant Messaging. 

For the ’’local” and ’’proximity” regions, the QOS parameters and mechanism identified in RFC 4594 and ITU-T 
G.1010 map quite well. For the ’’Afar” region, propagation delay must be considered. ’’Neighborhood” and ’’Afar” 
regions also will have various degrees of disconnection and disruption due to wireless systems moving in and out of 
range, scheduling of assets, and orbital dynamics. 

For the Space Exploration Communication Network the following QOS parameters are of interest. We have 
slightly modified the definitions for space-base networking: 


Priorities: 

Immediate Data is sent out as quickly as possible. Jumps all other queues. Used for services such as time- 
sensitive command-and-control. 

Priority Data in a priority queue is generally transmitted before routine traffic, or, at least in sufficient time to 
fulfill the requiring expeditious action. 

Routine Best effort traffic. Queues are managed base on service sensitivity. 

Service Sensitivity: 

Time-Sensitive Applications that require precise time delivery. For example, for space applications, this may 
be a command to fire a thruster. Generally a ’’local” application and probably communication over a 
deterministic bus. Certainly not an ’’afar” application. 

Delay-Sensitive Applications or protocols that require some form of real-time hand shaking. For example 
the Transmission Control Protocol (TCP) is delay-sensitive and therefore should not be use for ’’afar” 
communications. 

Jitter-Sensitive Real-Time Interactive applications such “local” control commands and video conferencing 
applications that do not have the ability to change encoding rates. 

Disconnection Sensitive 4 Any application that requires end-to-end connectivity such as closed loop control 
applications and real-time interactive applications such as conversational voice. 

Loss Sensitive Few applications are loss insensitive. Fortunately, packet loss is usually handle at the lower 
layer protocols such that any loss and retransmission taken care of outside the application. Examples of 
loss sensitive applications are anything that is bulk encrypted or authenticated. If one does not receive the 
entire bulk package, one cannot authenticate or decrypt the package. 

Bandwidth Sensitive Any application requiring high volumes of data to be moved between systems in a rea- 
sonable amount of time is bandwidth sensitive as DataRate oc Bandwidth. Video, in particular, high- 
definition video is bandwidth sensitive. 


5. Communication Links 

It is Important to understand the various data links we have available to us. We can categorize communications 
links as two physical types: (1) those that are physically connected via wire or fiber and (2) wireless. 
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Physically connected links tend to be symmetrical, that is, they have equal bandwidth capability in both the 
transmit and receive directions. The links can be either full duplex or half duplex. These physical connections tend 
to be point-to-point. However, in the past, Ethernet daisy-chaining was used. The wiring may be multi-connector 
- often with twisted pairs. Examples of wire connections are RS-232 (160 kbits/s - can be up to 1.0 Mbit/s), MIL- 
STD-1553 (1.0 Mbps), RS-442 (10 Mbps), Universal Serial Bus (USB) (* 720 Mbps for 3.0) and spacewire (< 400 
Mbps). Coaxial lines are often used for telecommunication equipment. Examples include Tl/El (1.544/2.048 Mbps) 
and T3/E3 (45/34 Mbps) links. Today most local area connections such as in building connections or, in our case 
within a vehicle or habitat, are either Ethernet or fiber optics with connections distributed via a switch configured in a 
hub/spoke architecture. 

The wireless radio links include broadcast, point-to-multipoint, mesh radio (which is really a point to multipoint 
radio with some type of spanning tree protocol) and point-to-point. A broadcast radio is a radio system where anybody 
can listen and receive. Point-to-multipoint radios really broadcast 5 however, there is usually some type of access 
restriction such that “not just anybody can receive and reply to messages”. Point-to-multipoint radio systems include 
technologies such as Wi-Fi (802. 1 lxx) and WiMAX (802. 16xx). Wi-Fi radios have symmetric bandwidth capabilities. 
WiMAX is a high-bandwidth system but designed to be asymmetric. The transmission is generally at a lower rate from 
the subscriber station to the base station (a.k.a. uplink). Whereas, transmission is at a much higher rate from the base 
station to all subscriber stations (a.k.a. downlink). Point-to-point radio links for space-based systems - particularly 
systems operating in the afar region - are often highly asymmetric. The downlink is often orders of magnitude larger 
than the uplink. This is mainly due to the communication needs (where the information is generated). For example, 
for missions such as Earth observation, the vast amount of data is generated on the spacecraft and transmitted to the 
ground. The NASA Space Network User’s Guide (SNUG) [13] provides a number of examples of the types of point- 
to-point links that are available and the NASA Space Network. The NASA space network is the Tracking and Data 
Relay Satellite System (TDRSS). 

6. Element Overview 

The network communication architecture for human space exploration beyond low Earth orbit consists of four 
architectural systems [Figure 1]. These four architectural systems are: the flight systems, the launch vehicle systems, 
the ground systems, and the planetary surface systems. Although the launch vehicle systems could be considered 
flight systems, they are separated out as they are short lived systems. Each of those architectural systems consists 
of multiple elements. The flight systems has six major elements. These elements are the Crew Vehicle (CV), the 
Extravehicular Mobile Unit (EMU), the Surface Access Module (SAM), the Cargo Vehicle (CaV), the Space Habitat 
(SpH), and Space Robot (SpR). Launch vehicle systems include the Crew Launch Vehicle (CLV) and a Cargo Launch 
Vehicle (CaLV). The ground systems have four major elements: the factories, integration facilities, ground systems, 
and mission systems. The planetary surface systems consist of the following elements: the Surface Habitat (SuH), 
Surface Robots (SuRs), and Surface Mobile Systems (SuMSs). 

6.1. Flight Systems 

Crew Vehicle (CV) is used to transport the crew to and from the Space Habitat (SpH). Where the SpH may be 
a Mars transfer vehicle of some nature. It will dock with the SpH. It will interface with the Crew Launch 
Vehicle (CLV). The CV is not designed to accommodate astronauts for extended duration missions. Rather, 
that is the function of a SpH. 

The Crew Vehicle (CV) will communicate with ground systems, mission systems, EMUs, the SpH, and SpRs 
and may communicate with the SAM. ). It may remain parked in orbit above an exploration objective. 

Extravehicular Mobile Unit (EMU) a.k.a. spacesuit is the self-contained life-support system used by astronauts 
during Extravehicular Activities (EVAs). The EMU communicates with the CV the SAM, the space and surface 
habitats and all robotic systems. Data generated by the EMU consists of the space suit telemetry, caution-and- 
warning messages, astronaut health status, video, and files containing scientific data, intercom-quality audio, 
video and pictures [14]. 


5 Anyone can ’listen’ but may not be able to interpret the message due to datelink encryption and will not be able to reply if not registered. 
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Figure 1 : Network Communications Architecture Hierarchy 

Surface Access Module (SAM) is the vehicle that provides transportation from the SpH to the planetary surface. 
The SAM communicates with both the SpH and the surface habitat and may communicate with EMUs, the CV 
and space robots. 

Cargo Vehicle (CaV) provides supplies to the SpH. This vehicle also may return waste products and other items no 
longer needed from the SpH back to Earth. 

Space Habitat (SpH) is the living and working module for the mission crew. It may consist of multiple small mod- 
ules integrated together to form one living and working habitat. The SpH may exist in many forms depending 
on the mission. For discussion purposes, the International Space Station (ISS) can be considered a SpH. For 
new exploration missions, the habitat may be a lunar orbiting habitat or shelter at Lagrange Point 2 (L2) or even 
a vehicle transitioning between Earth and Mars and then orbiting around Mars. 

Space Robot (SpR) systems are envisioned to be robots used to assist in monitoring and repair of space vehicles 
and/or assisting in space science such as an asteroid capture and retrieval mission. 

Space Communication Relays (SCRs) are space systems with the primary purpose of providing high-quality, high- 
rate communication links over long distances. These relays may or may not be processing relays. A regenerative 
relay is a system that performs demodulation and re-modulation the communication signals. A processing relay 
is a regenerative system that also performs protocol processing. Two examples of spaced communication relays 
are the current Tracking and Data Relay Satellite System (TDRSS) and the Mars relay satellites. Tracking and 
Data Relay Satellite (TDRS) is a bent-pipe system whereas the Mars relay satellites demodulate, Store, Carry 
and Forward (SCF) and re-modulate communication data. 
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6.2. Launch Vehicles 

Crew Launch Vehicle (CLV) is the heavy lift launch vehicle upon which the CV resides. As such, the CLV is 
designed for human rated space flight. 

Cargo Launch Vehicle (CaLV)) is the heavy lift launch vehicle upon which the cargo vehicle resides. There may 
be multiple CaLVs of varying sizes depending on the cargo types and destinations. Regardless, the CaLV has 
less stringent launch requirements is not intended to launch humans and therefore does not have to meet human 
spaceflight launch criteria. 

6.3. Earth Ground Systems 

Factories are where subsystems are developed. The factories are included here because there may be a need for 
subsystems developed at various factories to communicate with each other prior to transport to the integration 
facilities. In addition, subsystems must communicate with test and validation equipment within the factory 
itself. 

Integration Facilities are where subsystems are brought together for integration and testing prior to launch. It may 
be desirable to have integrated systems communicating with mission systems for early operational check out. 

Ground Systems consist of the following: launch site, tracking sites, and communication ground stations. All of 
these sites can communicate via terrestrial means using Internet communications systems and products. The 
ground stations are likely owned and operated by multiple third parties and various international partners. Ap- 
propriate communication and information security policies must be in place to allow for such communications. 

Mission Systems include human spaceflight mission centers, various science mission centers, and potentially payload 
specific mission centers. These mission centers are most likely distributed in various geographical locations. 

6.4. Planetary Surface Systems 

Surface Habitat (SuH) is the living and working module for the mission crew. It may consist of multiple small 
modules integrated together to form one living and working habitat. 

SuRs are envisioned to be robots used to assist in monitoring and repair of planetary surface systems and/or assisting 
in science missions. There may be numerous surface robots. These robots may act together to perform functions 
and operate in swarms. 

SuMSs are vehicles used to move astronauts and/or cargo on the planetary surface. These vehicles may or may not 
have self-contained life-support similar to a habitat but for much shorter duration. 

7. Generic Reference Mission 

Figure 2 depicts a generic design reference Mission 6 . The purpose is to show a cradle-to-grave (end-of-mission) 
example that includes build, test, integration, launch, planetary mission, science return, and return of the crew and 
mission - end-of-mission. The design reference mission only needs to be at sufficient detail to identify communica- 
tions flows and interoperability requirements, data types, quality-of- service requirements and security requirements. 

The generic exploration design reference Mission shows a timeline of events. It is an attempt to show which 
major modules have to be available at what time sequence. For example we start with the launch of the surface 
habitat and surface robotics. These elements have to be in place at the destination planet prior to manned missions. 
Also it is assumed that major modules will first be launched to Low-Earth Orbit (LEO) where they can meet up with 
another vehicle that can carry it to the destination orbit around the destination planet. From there, the modules will 
descend and land on the planet and be maintained until the manned-mission can occur. While in this state, some 
communication with these modules will be required just to monitor health and status. 


destination may be a Planet or Object e.g. asteroids 
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The second major initiative will be the launch and deployment of a Surface Access Module (SAM). This module 
will allow humans to land and return from the surface. These are the pre-deployment elements. 

Prior to launching the crew the necessary major components must be in place to carry the crew from low Earth 
orbit to the destination planet. These modules include the SpH, space robotics and communication relays. The SpH 
is the living and working facility for the crew on its way to and on the return from the destination planet. 

Once the SpH is in place we can then launch the crew and the return vehicle. The CV will meet rendezvous and 
dock with the SpH. The crew will then transfer from the CV to the SpH for its journey to and from the destination 
planet (E.G., Mars). The return vehicle will provide the power and propulsion for the SpH to and from the destination 
planet. 

Overall communication requirements include: communication with a number of modules while in LEO, commu- 
nication with a limited number of modules to and from the destination orbit, communication with the return vehicle 
and SpH while it remains in the destination orbit, and communication with surface modules and the surface habitat. 

In the following sections we identify the various communication needs, data types, and data flows for each phase 
of operations as well as identifying the security requirements of each data type during each phase of operation. 

Note that in the Subsystem Integration Figure 3 and Prelaunch Integration Figure 4, no single government entity 
is assumed or no single government funded and owned system is assumed. Sites for various facilities are purposely 
shown to spread across the globe and be owned and operated by vastly different governments, organizations, or 
industry and academia partners. This is purposefully done to force one to address international interoperability and 
international security deployment considerations. 

In order to address each phase of the mission in the communication requirements some sort of generic design 
reference mission is required. Thus, we have chosen somewhat of a “worse-case” 7 mission, a mission to land a 
two crewmembers on Mars for period of a few days and return them safely to Earth. The following assumptions 
have arbitrarily been made as we are only concerned with a model that identifies data flows, security needs and 
communication requirements: 

• The mission will require a four-person crew with two crewmembers landing on the surface of Mars. 

• The Surface Access Module (SAM) will also be the vehicle that will return the crewmembers to an awaiting 
structure spacecraft for return to Earth. 

• The SpH can perform the functions of delivering crewmembers from the LEO Rendezvous to the Destination 
Rendezvous, orbit Mars with two crewmembers while the other two crewmembers land on the planet, and return 
safely to Earth. 

• For this short duration of the surface, a surface habitat is not required. The SAM will suffice. 

• A surface mobile system and surface robots will be deployed. 

• All necessary communications can be handled by the SpH. 

- The SpH will act as the communication relay for the astronauts while on the surface. 

• 24/7 Communications is not a requirement, thus autonomous operations by the crew and robots is necessary 
independent of mission control. 

• The SpH cannot be launched as a single structure. Rather, two launches are required with the SpH assembled 
at the LEO Rendezvous point. 

7.7. Subsystem and System Integration 

The first phase of a mission that we consider is the subsystem and system integration phase. Obviously this phase 
has to occur at the beginning of any mission, what can occur throughout as new subsystems are being developed and 
integrated prior to deployment. Figure 3 illustrates the basic concept. Here, various components are being developed 


7 Hard to do rather than simply having multiple launch elements and multiple types of launch elements. 
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by different entities in different locations and perhaps even in different countries. Previously developed and deployed 
assets using legacy communication systems will exist as well, and accurate copies are required for integration of new 
systems with potentially obsolescent implementations. These components will be brought together eventually at a 
single location for subsystem integration. However, it is highly desirable to have those components communicate 
and interoperate and perform initial testing while still at their respective factories. It is conceivable that one will 
begin integration with payload operations, science operations and/or mission operations at this time to work out 
interface issues. Today this can be done using Internet technologies. However, one must design the components to 
be able to readily take advantage of such technologies. Furthermore, one would like to use Internet technologies and 
protocols directly while testing within the factory itself. Thus, it is highly advantageous to use commercial off-the- 
shelf interfaces and protocols to communicate with various components and subsystems. 



Figure 3: Subsystem Integration 


A prime example of the advantage of using commercial-off-the-shelf standard interfaces and protocols is the 
NASA Airborne Science program’s NASA Airborne Science Data And Telemetry System (NASDAT). A rugged 
avionics box provides both aircraft and experimenter data interfaces. Ethernet, Satellite Communications (SATCOM), 
and legacy connections are supported. Standardized IP protocols allow this system to serve as an abstraction layer 
for interfacing any instrument to any aircraft. Built on open standards and dynamically reconfigurable, the NASDAT 
enables any research platform to participate in the wider sensor web, such that remote experimenters can control their 
instruments, and display applications can receive near real time data. [15]’ [16] 

During the subsystem and system integration phase, the test and validation data being transmitted between the 
component under test and a test unit includes: files, command- and-control, and telemetry. Data being transmitted 
between sites includes: files, command-and-control, telemetry, and perhaps voice and video depending on the compo- 
nent integration required. Data rates and security requirements vary greatly depending on the component or subsystem 
integration requirements. Data rates could vary from kilobits for simple sensors to hundreds of megabits or even gi- 
gabits for sophisticated science sensors. As a minimum between sites some type of virtual private network will have 
to be established. 

All security mechanisms that can be, should be tested and verified during each phase of integration. As the system 
grows from component integration to subsystem integration to complete systems, the amount of security mechanisms 
will grow. It is the goal to have limited reconfiguration throughout system development and deployment including 
security and addressing. System deployment includes: subsystem development in a factory setting, system integration 
in a laboratory setting, launch preparation, launch, and deployment, operation in space. 

7.2. Prelaunch and Launch 

The prelaunch and launch phase phases are generally the most complex regarding communication. During these 
phases all elements have to be checked out while at the launch site and then communication must be maintained during 
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launch through deployment. Figure 4 provides an illustration of the major ground elements and includes spacecraft 
integration, mission control, launch integration, and payload, science, and range operations. In Figure 4, the “location 
markers” represent all ground stations used for tracking during launch and for communication once in orbit or on its 
trajectory to the final destination. Note, the ground stations may be leased for service and owned and operated by 
third parties. The same applies to the launch site. Therefore, data and communication security mechanisms must be 
able to handle this communication mix of international, public and private subnetworks. 



Figure 4: Prelaunch and Launch Integration 


There are two major launch types: 1) unmanned launches for cargo such as habitats, robotic systems or commu- 
nication relays; and, 2) manned launches to get the crew into space via the CV. The main difference for manned 
launches are: a) all elements have to be rated for manned flight, b) additional procedures are needed to ensure crew 
safety when terminating a launch while on the pad, c) there is voice communication to and from the CV, and, d) while 
on the pad, astronaut health status data is sent to the proper authorities at mission operations. Since manned launch is 
more complex and has more communication requirements than an unmanned launch, we use manned to describe the 
various communication paths and requirements as depicted in Figure 5. 

During prelaunch the spacecraft and payload may still be at integration facilities away from the launch site. Testing 
and system checkout with the science payload and mission control is desirable even at this stage to ensure interoper- 
ability prior to launch integration. Eventually all the major subsystems will be integrated at the launch site. At this 
time, all communication interfaces need to be validated for operation. Once this is completed, the rocket and the cargo 
vehicle or CV and associated payload are moved to the launch pad. While on the launch pad, communication is via 
hardwired umbilical cord and local wireless. Furthermore the communication links to the tracking communication 
systems such as NASA’s TDRSS need to be confirmed. 

Figure 5 shows seven major elements included in and Prelaunch and Launch phases while a vehicle is on the 
launchpad. These elements include: the Crew Launch Vehicle (CLV) or Cargo Vehicle (CaV) and the CV or CaV, the 
crew or payload, range safety, launch operations, mission operations, and tracking and communications services. 

Range safety is responsible for ensuring the integrity of the range, the safety of the range, and the safety of any 
personnel on the range or downrange. Range safety tracks the vehicle during launch and if necessary, executes proper 
procedures to terminate the launch or destroy the vehicle if it deviates from its expected path or poses any threat to 
personal or property due to deviations in the planned flight path. Range safety keeps launch operations informed of 
conditions on a range. Tracking of the vehicle is done via radar and the only communication with the vehicle is a 
secure wireless Radio Frequency (RF) communication link to issue the necessary commands to terminate the launch 
in whatever manner is appropriate. 

The Tracking and Communications Services track the vehicle during launch and reports the positioning back to 
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mission control and launch operations. Once the umbilical is removed from the launch vehicle, all communication 
between the crew and launch and mission operations is via the Tracking and Communications Services. 

Launch operations is responsible for executing a successful launch and ensuring the safety of the crew or the 
payload. Launch Operations is in control of the mission from launch integration up to the point where the vehicle 
leaves the pad. 

During manned-launch, mission operations monitors the health and status of the crew and CV to ensure nominal 
operations and to keep the crew informed of the current launch status. For unmanned operations, mission operations 
monitors the health and status of the cargo vehicle and the payload while launch operations is concerned with the 
CaLV and getting the system off the pad. Once the vehicle clears the pad, mission operations takes over all aspects of 
operations except range safety. 

It is important to note that during each phase of the mission different communication links are active and different 
types of data flows are taking place between elements. A detailed discussion of this is provided in the Data Flows 
Section [8]. For example during prelaunch, while on the pad, most of the communication between the launch vehicle 
and launch operations or mission operations is via hardwired connections. With such conductivity, it is possible to 
transfer large amounts of data if necessary. Once the vehicle leaves the pad, the launch phase, all communications 
is via radio between the vehicle and mission operations. At this time, data rates are relatively small - in the tens to 
hundreds of kilobits per second. This is due to the ever-changing position of the launch vehicle relative to the tracking 
and data relay systems - be it ground tracking systems or GEO-based tracking systems such as TDRSS. It becomes 
difficult to close the RF link at high data rates prior to deployment of high-gain antennas. Antenna deployment only 
occurs after a stable orbit has been obtained, or some other stable configuration has been obtained “en route” to space 
destination 8 . 

Immediately following liftoff through the end-of-mission, all communications to Earth is via a ground-base com- 
munication support network as shown in Figure 6. Depending on the phase of flight and the particular mission or 
submission, communication may be via: multiple ground stations supporting direct spacecraft to ground communica- 
tion, a GEO communication relay satellite system such as NASA’s TDRSS, or distributed deep space communication 
network consisting of three or more ground networks with large aperture antennas capable of deep space communica- 
tions. The NASA Deep Space Network (DSN) [17] is one such example. The European Space Agency (ESA) Norcia 
facility in western Australia and the Chinese Deep Space Network [18]are another examples. 


8 For discussion purposes, we consider Deep Space, anything beyond GEO distances. 
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Figure 6: Post Launch 


7.3. LEO Rendezvous 

We provide a scenario to address the communication needs for a LEO Rendezvous. Per our reference mission, the 
SpH cannot be launched as a single structure. Rather, two launches are required with the SpH assembled at the LEO 
Rendezvous point. One the SpH is assembled, the crew will be deployed to the habitat via the CV. The CV will detach 
from the habitat and either remain at LEO or return to Earth and be redeployed upon return of crew from Mars. For 
our generic Concept of Operations (CONOPS), we will assume that the CV has been placed in a hibernation mode 
and will remain at LEO for use in Earth reentry. 

Communication at LEO will be via a GEO relay satellite constellation in order for the operations center to oversee 
the assembly. We shall assume that all assembly will be performed autonomously, without the assistance of a crew. 9 

During assembly of the SpH, data transferred from LEO to ground is primarily low-rate telemetry and high-rate 
video. Since the operations occur autonomously, the video does not have to be real-time and could be sent as files. 
Critical communication is machine-to-machine between sub-elements of the SpH as they dock, thereby creating one 
large SpH. Here, ranging data exchange between the docking systems is critical. 

The SpH submodules could be designed such that humans have to be involved in the assembly. Regardless, 
autonomous operations still has to be done at the Destination Rendezvous, so doing so at LEO is the first step in 
validating the technologies necessary to make this happen. If mission operations were involved in the real-time 
integration of the SpH, high-rate video, telemetry and real-time command- and-control would likely occur from LEO 
to ground via a system of GEO relay satellites. 

With the arrival of the crew, additional voice communications would ensue. 

7.4. En Route-Out ( to the Destination ) 

En Route takes place traveling to and returning from the destination. While en route, all communication is via a 
Deep Space Network (DSN). Therefore communication is limited. No real-time communication can be assumed due 
to propagation delay as well scheduling of communication assets. All communication is via some form of file/bundle 
transfer. These data files will consist of video, voice messages, and telemetry. All command-and-control will be via 
some file-like mechanism. The only real-time radio processing will be ranging data. 

For telemetry, the most useful habitat-to-Earth communications is last-in, first-out queueing. 

The communication Earth-to-habitat data rates are expected to be higher for manned flight simply to provide some 
entertainment communications to the crew. 


9 In which case, one could rely entirely on direct LEO to ground communications. 
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Experiments are expected to be performed en route. The results will be transmitted back to Earth with some 
non-real-time interactions expected between either the Crew and the Principal Investigator (PI) or the PI and the 
experiment package. 

7.5. Destination Rendezvous 

Once the SpH reaches Mars, it will remain in orbit around Mars as the crew prepares for the next phase of the 
mission, landing two crewmembers on the surface of Mars for a few days and returning them back to the SpH. In 
order to accomplish this, the SpH rendezvous SAM. The SAM docks with the SpH and two crewmembers transfer to 
the SAM. SAM then separates and ascends to the planet surface. 

The propagation delay from Mars to Earth is quite large, in the order of 4 to 24 minutes one-way (i.e, 8 to 48 
minutes RTT) depending on the separation between Mars and Earth due to their orbits. Thus, no real-time command- 
and-control can take place. Instead, all local operations are designed as autonomous operations relative to mission 
control. However, we will assume that all critical operations occur during periods in which there is a full commu- 
nication path between Mars and Earth. This assumption holds for all phases of operations including ascent and 
departure. 

During critical operations, telemetry and, if sufficient bandwidth is available, video will be transmitted (streamed 
in real-time) from the source to Mission Control. It is assumed that much of the video data will have to be stored for 
later transmission over lower rate communications links over long periods of time. 

7.6. Planetary Descent 

Descent is a critical operation. As such, telemetry and, if sufficient bandwidth is available, video will be transmit- 
ted (streamed in real-time) from the source to Mission Control. We will assume that this occurs via some relay be it 
the SpH or a Space Communication Relay (SCR) around Mars. Such relays will enable higher rate communication 
from the SAM to Earth. Much of the data may be stored on the relay for later transmission. 

7. 7. Surface Operations 

Once safely on the surface, the Space Robots (SpRs) and the Surface Mobile System (SuMS) will rendezvous with 
the SAM. The crew will perform a number of sorties that include use of the service it use of the SpRs and a SuMS. 
In addition they will perform Extravehicular Activities (EVAs) using Extravehicular Mobile Units (EMUs). As such 
there is a great amount of high-bandwidth vocal communication between systems. The EMUs will communicate with 
each other as well as with the robots. We will assume the surface mobile system can act as a relay to communicate 
back to the SAM and that the SAM can act as a relay to communicate with the satellite relay or the SpH. 

We will assume that sorties can take place independent of communication with mission control and that much of 
the data and applications will be designed to function in a Store, Carry and Forward (SCF) communication architec- 
ture. 

Data generated during these surface sorties includes: telemetry, voice, video, imagery, medical, navigation (po- 
sition) and sensor data from scientific instruments. The major data received from mission operations includes maps, 
schedules, procedures, software updates, and personal communications for each crewmember. 

7.8. Planetary Departure 

The communication needs and requirements for departure are identical to those for Descent. 

7.9. En Route-Back (from the Destination ) 

The communication needs and requirements for En Route-Back are identical to En Route-Out. 

7.10. Earth Reentry 

For the Earth reentry phase, we will assume that the Space Habitat (SpH) docks with the Crew Vehicle (CV). The 
crew will move from the SpH into the CV. At this point the SpH is put into hibernation and the CV separates. The 
CV will descend to the Earth’s surface where the crew will be recovered by an awaiting team. Once the crew has been 
recovered, the mission is complete (end-of-mission). 
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8. Data Flows 


The following subsections show a system connectivity matrix and one specific data-characteristic matrix for the 
space habitat. The SpH Data characteristic matrix shows the various data types and flow for each element connected 
to the SpH. These matrices encompass all phases of the mission. If one were to model any element one would need to 
create a connectivity matrix and data-characteristic matrix for each phase of the mission. That was not done for this 
paper as an aggregate model is sufficient to illustrate the complexity. 

8.1. System Connectivity 

Figure 7 shows conductivity between elements and is an aggregate of all phases of the mission. For example, 
during initial launch the surface access module can be considered payload and has some form of communication 
connection with the cargo vehicle perhaps just to send health and status telemetry. During launch the surface access 
module does not communicate with the space habitat. However, during destination rendezvous in preparation for 
dissent, the surface access module and a space habitat have a communication path in order to perform docking proce- 
dures. From the simple illustration, it is apparent that the conductivity matrix changes depending on the phase of the 
mission and that to be complete a connectivity matrix has to be generated for each phase of the mission. 
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Figure 7: Connectivity Matrix 


8.2. Data Characteristics 

Figure 8 shows types of data the characteristics of the data being transferred between the SpH and other elements. 
This matrix is an aggregate of all phases of the mission. The characteristics for security, priority and service sensitivity 
are also provided as are the communication links. These data characteristics and communication links, as presented, 
are also aggregates over all phases of the mission and for all data types. To properly model the system communication 
system, one would need to generate a connectivity matrix for each phase of the mission. Each of those connectivity 
matrices would be multidimensional such that for each type of data the characteristics for security priority, and service 
sensitivity along with the communication link (or links) used would have to be identified. Furthermore, often same 
data-type may have differing data characteristics depending on the application. Appendix B shows the aggregate data 
characteristics matrix of each major element. 
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Figure 8: Data Characteristics and Connections for the Space Habitat (SpH) 
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One has to analyze each application to determine: where the data is flowing, over what communication links, 
what security needs to be implemented and what quality of service is required. For example, consider some functions 
on an EMU. The EMU is performing an EVA. We may have a file that consists of health and status telemetry from 
a particular sensor. This file requires no security and can be sent from the EMU to mission control via some SCF 
mechanism by way of the Space Habitat (SpH). The file can be sent with routine priority over an Ethernet umbilical 
once the EMU returns to the SpH . Another file consists of medical health and status of a crewmember (medical data 
protected by HIPAA regulations). This data may require high confidentiality but routine priority. It is also sent over 
the umbilical link once the astronaut reaches the SpH. A third file consists of caution- and- warning data being sent 
from one crewmember to another - one EMU to another in close range. This is unsecured high-priority data. 10 This 
data is sent over the “local” mesh radio system. Thus, we have the same data-type treated multiple ways depending 
on the application and being sent over various links and within or between regions (in this case, telemetry is sent afar 
and caution-and- warning is sent over local links). The combinations are enormous. 


9. Summary 

The operational concepts for a generic space communication network for human space exploration beyond low 
Earth orbit has been articulated. Common terminology has been defined and communication flows and data types 
and characteristics have been identified. A generic design reference Mission was developed in sufficient detail to 
identify communications flows, data types, quality-of- service requirements and security requirements from cradle to 
end-of-mission. A system connectivity matrix was presented showing the connectivity between all major elements 
aggregated over each mission phase. Data characteristics matrices were also developed for each element and are 
provided in appendix B. A detailed analysis of the data characteristics for the Space Habitat (SpH) was provided. The 
significant item to note is that one has to analyze each application to figure out where the data is flowing, over what 
communication links, what security needs to he implemented and what quality of service is required. 


10 For local or proximity medical data, Crewmembers must wave their privacy rights as situational awareness among all crewmembers is critical 
for all to survive. 
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A. Acronyms List 

CaLV Cargo Launch Vehicle 
CaV Cargo Vehicle 
CLV Crew Launch Vehicle 
CONOPS Concept of Operations 
CV Crew Vehicle 
DOS Denial of Service 
DRM Design Reference Mission 
DSN Deep Space Network 
EMU Extravehicular Mobile Unit 
ESA European Space Agency 
EVA Extravehicular Activity 

FISMA Federal Information Security Management 
Act 

GEO Geostationary Orbit 

HIPAA Health Insurance Portability and Accountability 
Act 

ISS International Space Station 
IP Internet Protocol 
L2 Lagrange Point 2 
LEO Low-Earth Orbit 

NASDAT NASA Airborne Science Data And 
Telemetry System 

OpsCon Operational Concept 


PI Principal Investigator 

QOS Quality-of-Service 

RF Radio Frequency 

RFC Request for Comment 

RTP Real-Time Protocol 

RTT Round Trip Time 

SAM Surface Access Module 

SATCOM Satellite Communications 

SCF Store, Carry and Forward 

SCR Space Communication Relay 

SpH Space Habitat 

SNUG Space Network User’s Guide 

SpR Space Robot 

SuH Surface Habitat 

SuMS Surface Mobile System 

SuR Surface Robot 

SysML System Modeling Language 

TCP Transmission Control Protocol 

TDRS Tracking and Data Relay Satellite 

TDRSS Tracking and Data Relay Satellite System 

TOS Type of Service 

USB Universal Serial Bus 
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B. Data Characteristics and Connections 
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Figure B.9: Data Characteristics and Connections for the Cargo Vehicle (CaV) 
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B.2. Crew Vehicle (CV) 
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Figure B.10: Data Characteristics and Connections for the Crew Vehicle (CV) 
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B.3. Extravehicular Mobile Unit (EMU) 
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Figure B.l 1: Data Characteristics and Connections for the Extravehicular Mobile Unit (EMU) 
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B.4. Launch Operations 
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Figure B.12: Data Characteristics and Connections for Launch Operations 
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B.5. Launch Vehicle 
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Figure B.13: Data Characteristics and Connections for the Launch Vehicle 


NASA/TM— 201 5-2 1 8823 


28 


B.6. Mission Operations 
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Figure B.14: Data Characteristics and Connections for Mission Operations 
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B.7. Payload 
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Figure B.15: Data Characteristics and Connections for the Payload 
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Figure B.16: Data Characteristics and Connections for Range Safety 
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B.9. Return Vehicle 
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Figure B.17: Data Characteristics and Connections for the Return Vehicle 


NASA/TM— 201 5-2 1 8823 


32 


B. 1 0. Space Communication Relay ( S CR ) 
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Figure B.18: Data Characteristics and Connections for the Space Communication Relay (SCR) 
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B.ll. Space Habitat ( SpH) 
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B. 1 2. Space Robot ( SpR ) 
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B. 1 3. Surface Access Module ( SAM) 
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Figure B.21: Data Characteristics and Connections for the Surface Access Module (SAM) 
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B. 1 4. Surface Robot ( SuR ) 
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Figure B.22: Data Characteristics and Connections for the Surface Robot (SuR) 
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B. 1 5. Surface Habitat ( SuH) 
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Figure B.23: Data Characteristics and Connections for the Surface Habitat (SuH) 
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B. 1 6. Surface Mobile System ( SuMS ) 
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Figure B.24: Data Characteristics and Connections for the Surface Mobile System (SuMS) 
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B.17. Tracking and Communication System 
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Figure B.25: Data Characteristics and Connections for the Tracking and Communication System 


NASA/TM— 201 5-2 1 8823 


40 



